Initial commit
This commit is contained in:
commit
97737b3186
7 changed files with 92 additions and 0 deletions
4
defaults/main.yml
Normal file
4
defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
unbound_os_supported: False
|
||||||
|
|
||||||
|
unbound_ip4_subnet: "192.168.0.0/24"
|
1
handlers/main.yml
Normal file
1
handlers/main.yml
Normal file
|
@ -0,0 +1 @@
|
||||||
|
---
|
2
meta/main.yml
Normal file
2
meta/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
galaxy_info:
|
42
tasks/main.yml
Normal file
42
tasks/main.yml
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
---
|
||||||
|
- name: Set OS dependent variables
|
||||||
|
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
|
||||||
|
vars:
|
||||||
|
params:
|
||||||
|
files:
|
||||||
|
- "{{ ansible_distribution | lower }}_{{ ansible_distribution_version | lower }}.yml"
|
||||||
|
- "{{ ansible_distribution | lower }}_{{ ansible_distribution_major_version | lower }}.yml"
|
||||||
|
- "{{ ansible_distribution | lower }}.yml"
|
||||||
|
- "{{ ansible_os_family | lower }}.yml"
|
||||||
|
- "{{ ansible_system | lower }}.yml"
|
||||||
|
paths:
|
||||||
|
- '{{ role_path }}/vars'
|
||||||
|
ignore_errors: True
|
||||||
|
|
||||||
|
- name: OS is supported
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that: __os_supported
|
||||||
|
quiet: True
|
||||||
|
vars:
|
||||||
|
__os_supported: "{{ lookup('vars', '{}_os_supported'.format(role_name)) | bool }}"
|
||||||
|
|
||||||
|
- name: Install unbound
|
||||||
|
apt:
|
||||||
|
name: unbound
|
||||||
|
state: present
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: Set unbound config file
|
||||||
|
template:
|
||||||
|
src: default.conf.j2
|
||||||
|
dest: "{{ unbound_conf_dir }}unbound.conf.d/default.conf"
|
||||||
|
|
||||||
|
- name: Set unbound logrotate config
|
||||||
|
template:
|
||||||
|
src: unbound_logrotate.conf.j2
|
||||||
|
dest: "{{ unbound_logrotate_dir }}unbound"
|
||||||
|
|
||||||
|
- name: Restart unbound
|
||||||
|
service:
|
||||||
|
name: unbound
|
||||||
|
state: restarted
|
29
templates/default.conf.j2
Normal file
29
templates/default.conf.j2
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
server:
|
||||||
|
interface: {{ unbound_ip4 }}
|
||||||
|
port: {{ unbound_port }}
|
||||||
|
access-control: {{ unbound_ip4_subnet }} allow_snoop
|
||||||
|
verbosity: 2
|
||||||
|
|
||||||
|
logfile: "/var/log/unbound/unbound.log"
|
||||||
|
log-time-ascii: yes
|
||||||
|
statistics-cumulative: yes
|
||||||
|
|
||||||
|
# Optimization
|
||||||
|
num-threads: 3
|
||||||
|
msg-cache-slabs: 2
|
||||||
|
rrset-cache-slabs: 2
|
||||||
|
infra-cache-slabs: 2
|
||||||
|
key-cache-slabs: 2
|
||||||
|
|
||||||
|
rrset-cache-size: 257051306
|
||||||
|
msg-cache-size: 128525653
|
||||||
|
|
||||||
|
so-reuseport: yes
|
||||||
|
|
||||||
|
minimal-responses: yes
|
||||||
|
|
||||||
|
prefetch: yes
|
||||||
|
prefetch-key: yes
|
||||||
|
|
||||||
|
serve-expired: yes
|
||||||
|
cache-max-ttl: 3600
|
9
templates/unbound_logrotate.conf.j2
Normal file
9
templates/unbound_logrotate.conf.j2
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
/var/log/unbound/unbound.log {
|
||||||
|
daily
|
||||||
|
missingok
|
||||||
|
rotate 30
|
||||||
|
compress
|
||||||
|
delaycompress
|
||||||
|
notifempty
|
||||||
|
create 640 root root
|
||||||
|
}
|
5
vars/debian.yml
Normal file
5
vars/debian.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
unbound_os_supported: True
|
||||||
|
|
||||||
|
unbound_conf_dir: /etc/unbound/
|
||||||
|
unbound_logrotate_dir: /etc/logrotate.d/
|
Loading…
Add table
Add a link
Reference in a new issue